At 05:26 -0700 2001.08.29, merlyn@... wrote:
>We need to move. We need to provide safe harbor for whistleblowers!

None of these cases are about the simple process of whistleblowing.

Sklyarov violated federal law by reverse-engineering software. If you
focus on the fact that he is a "whistleblower," then you just emphasize
that he did exactly what the DMCA is designed to prevent: discovering and
reporting of software flaws.

West didn't merely blow a whistle; he downloaded files that he had no right
to download, and he did so knowingly. His intentions may have been pure (I
have no reason to doubt them); but he should have gone to one of your JACPH
talks. Breaking the law (theft) is not a good way to tell people their
system is insecure. He should have known better.

What needs to happen with West is twofold: we need to educate people on the
Right and Wrong ways to notify people of security holes (OK, maybe there is
no Right way, but the way he did it was certainly Wrong); and we need to
treat people who screw up as he did with leniency (since it is clear from
his actions he had no intention of doing anything wrong; if he had such
intentions, he never would have notified them).

So anyway, people are not being prosecuted for whistleblowing, they are
being prosecuted for clear violations of the law. Sklyarov broke a bad
law, one we should fight to overturn. West dumbly broke a reasonable law,
and should be shown a great deal of leniency.

--
Chris Nandor pudge@... http://pudge.net/
Open Source Development Network pudge@... http://osdn.com/